Activity Tracker
The DPA Activity Tracker provides our latest information on developments in legislatures, judiciaries and the executive branches of G20, EU member states and Switzerland.
105 events advancing 75 policy or regulatory changes:
Graph
Table
Digital Trade Promotion Act of 2025 (SB 3399) was introduced to Senate
Digital Trade Promotion Act of 2025 (SB 3399) was introduced to Senate
On 9 December 2025, the Digital Trade Promotion Act of 2025 (SB 3399) was introduced in the Senate. The Bill would authorise the President to negotiate and conclude digital trade agreements with other countries to regulate electronic commerce and cr…
Principles for secure integration of AI in operational technology
Cyber Security Centre and Cybersecurity alongside international partners issued principles for secure integration of AI in operational technology
On 4 December 2025, the Australian Cyber Security Centre (ACSC) and the Cybersecurity and Infrastructure Security Agency (CISA) adopted principles for the secure integration of artificial intelligence (AI) in operational technology. The principles p…
Cybersecurity requirements in Regulation on Protection of Personal Information on Large-scale Online Platforms
Cyberspace Administration opened consultation on draft Regulation on Protection of Personal Information on Large-scale Online Platforms including cybersecurity requirements
On 22 November 2025, the Cyberspace Administration of China opened a consultation on the draft Regulation on the Protection of Personal Information on Large-scale Online Platforms, including cybersecurity requirements, until 22 December 2025. The Re…
Data protection requirements in Regulation on Protection of Personal Information on Large-scale Online Platforms
Cyberspace Administration opened consultation on draft Regulation on Protection of Personal Information on Large-scale Online Platforms including data protection requirements
On 22 November 2025, the Cyberspace Administration of China opened a consultation on the draft Regulation on the Protection of Personal Information on Large-scale Online Platforms, including data protection requirements, until 22 December 2025. The …
Organisational requirements in Regulation on Protection of Personal Information on Large-scale Online Platforms
Cyberspace Administration opened consultation on draft Regulation on Protection of Personal Information on Large-scale Online Platforms including organisational requirements
On 22 November 2025, the Cyberspace Administration of China opened a consultation on the draft Regulation on the Protection of Personal Information on Large-scale Online Platforms, including organisational requirements, until 22 December 2025. The r…
Data localisation requirements in Regulation on Protection of Personal Information on Large-scale Online Platforms
Cyberspace Administration opened consultation on draft Regulation on Protection of Personal Information on Large-scale Online Platforms including data localisation requirements
On 22 November 2025, the Cyberspace Administration of China opened a consultation on the draft Regulation on the Protection of Personal Information on Large-scale Online Platforms, including data localisation requirements, until 22 December 2025. Th…
Guidelines for the development of computing power standards system
Ministry of Industry and Information Technology closes consultation on guidelines for development of computing power standards system
On 22 November 2025, China’s Ministry of Industry and Information Technology (MIIT) closes the public consultation on the guidelines for the development of computing power standards system. The guidelines set out a national framework to standardise …
Lawsuit over alleged aiding of copyright infringement through content delivery network services (Kadokawa and others v Cloudflare)
Tokyo District Court found Cloudflare liable for aiding copyright infringement through CDN services
On 19 November 2025, the Tokyo District Court awarded approximately JPY 1.265 billion to Kodansha, Shueisha, and Shogakukan, and JPY 1.214 billion to KADOKAWA after finding Cloudflare liable for aiding copyright infringement. The case concerned two …
European Commission non-binding model contractual terms on data access and use and non-binding standard contractual clauses for cloud computing contracts
European Commission adopted Recommendation on non-binding model contractual terms on data access and use and non-binding standard contractual clauses for cloud computing contracts
On 19 November 2025, the European Commission adopted a Recommendation on non-binding model contractual terms on data access and use and non-binding standard contractual clauses for cloud computing contracts, as provided for in Article 41 of the Data…
Designation of critical information and communications technology third-party providers under Digital Operational Resilience Act
European Supervisory Authorities designated critical information and communications technology third-party providers under Digital Operational Resilience Act
On 18 November 2025, the European Supervisory Authorities, comprising the European Banking Authority, the European Insurance and Occupational Pensions Authority, and the European Securities and Markets Authority, designated nineteen critical Informa…